1 Rookie

 • 

5.8K Posts

October 20th, 2010 00:00

NSS Labs show Security Suites declining in protection

Tests show consumer antivirus programs falling behind

By Jeremy Kirk
October 19, 2010 03:50 AM ET

IDG News Service - The latest tests of consumer antivirus software released on Tuesday show the products are declining in performance as the number of malicious software programs increases, a trend that does not bode well for consumers.

NSS Labs tested 11 consumer security suites and found that the products are less effective than a year ago as far as blocking the download and execution of malicious software programs. The company also tested if those programs detected and blocked malicious Web sites.

... "Perhaps surprisingly, Microsoft Security Essentials -- a free product -- ranked higher than half of the competition (paid products), including Symantec's market leading product," according to the report.

Full article: http://www.computerworld.com/s/article/9191718/Tests_show_consumer_antivirus_programs_falling_behind

You can read the NSS Labs test results (in PDF format) here:
http://www.nsslabs.com/research/endpoint-security/anti-malware/consumer-anti-malware-products:-group-test-report-q3-2010.html

Comments:
Depressing stuff. Particularly when NSS used Windows 7 as the test platform, supposedly the most secure Windows OS to date, and IE8 (although IE8's SmartScreen was disabled).

However, I would note that this was a test of commercial suites only, without any additional protection of layered defenses so often recommended here (WOT, PSI, SpywareBlaster, Hosts files, hardware firewall, HIPS, etc). Many of us here at DCF recommend avoiding suites, and prefer to "roll our own" suite, picking from the best of the stand-alone products that are available, many of them free.

I note that Avira's and Avast! suites were not included in these tests.

However, most users prefer the simplicity and guaranteed compatibility of using these suites. A poll at AV-Comparatives shows that suites are the choice of most users:
http://www.av-comparatives.org/component/poll/29-which-security-product-do-you-use

I can only conclude that suites alone are not the answer.

1 Rookie

 • 

2.2K Posts

October 20th, 2010 07:00

Thanks for the info Joe.

I have learned on these forums the wisdom of the layered and overlapping approach of using stand-alone security products. And as far as my AV goes, I do like the way Avast 5 updates several times a day. After reading about Sandboxie I was wondering if I should add another "layer" with it?

1 Rookie

 • 

5.8K Posts

October 20th, 2010 21:00

Hi Dale:

After using Sandboxie for some 8 months now, I can say it has proven trouble-free for me, and well worth a trial. It is indeed another layer of security, and continues to play well with all my other defenses. After 30 days of the free trial of the full version, it reverts to the free version, with some loss of function, but still quite useful.

It meets all my criteria for a good on-demand defense program:
- good references from multiple reputable sources
- free version available (comes with a nag screen though)
- low impact on system performance
- no compatibility issues with my system/programs (but see: http://www.sandboxie.com/index.php?KnownConflicts)
- good user-to-user support forum
- No "Grief" factor.
- Easy to install; easy to internally update.

I was so impressed, I purchased it (a one-time personal home license, good for all future versions, and for all home computers I personally own) for a reasonable price. That said, the free version is all you probably need. I'm currently using it on both XP and Win 7 (32 bit) systems, with no trouble. I can't confirm full functionality in 64 bit OSs.

There is a bit of a learning curve to using it (and I'm still learning) but website help files and tutorial are sufficient.
http://www.sandboxie.com/

I mainly use it for general surfing/searches of the web, and whenever all my browsers are unpatched and vulnerable. Also during any major zero day exploit outbreaks. I don't use it for visiting trusted sites (like here - maybe I should). Also useful for testing unknown programs without fear of negative effects on your system.

Does it work? All I know is it hasn't caught (or let) any malware trying to slip through. I don't consider it a replacement for resident AV or AS programs. I see little downside to trying it out, if your system meets its requirements.

More info and links from past threads:
http://en.community.dell.com/support-forums/virus-spyware/f/3522/p/19321107/19652873.aspx#19652873
http://en.community.dell.com/forums/p/19319991/19650013.aspx#19650013

94 Posts

October 21st, 2010 00:00

I have been using Sandboxie, so far so good. By the way, I am using the free version with the nag screen.

3 Apprentice

 • 

15.2K Posts

October 21st, 2010 07:00

For the edification of myself (who has minimal experience with Sandboxie) and others ---

What (if anything) is there that should NOT [or cannot] be done while Sandboxed?   For example, am I correct in assuming that Windows Updates cannot be installed from within a sandbox?   [If you try to install Windows Updates, does Sandboxie "refuse" to do so?  Or does it try and "fail"?   Or is my understanding incorrect... that it in fact CAN install Windows Updates?]

How about installing new programs in general?   Have you "permanently" installed programs while sandboxed?   I guess that would mean installing the program inside the sandbox, and then, upon exiting the sandbox, telling sandboxie to implement (move) the changes to your "actual"/"permanent" system???  Or do you merely test new programs while sandboxed, and then exit the sandbox to install them (again) "regularly"? 

And what about new programs that install drivers [or other files that need to be accessed during boot-up]?

Any comments to elucidate these matters would be appreciated.

5 Practitioner

 • 

274.2K Posts

October 21st, 2010 14:00

Hi ky331,

What (if anything) is there that should NOT [or cannot] be done while Sandboxed?   For example, am I correct in assuming that Windows Updates cannot be installed from within a sandbox?   [If you try to install Windows Updates, does Sandboxie "refuse" to do so?  Or does it try and "fail"?   Or is my understanding incorrect... that it in fact CAN install Windows Updates?]


Sandboxie can install most applications into the sandbox, but not system software.

http://www.sandboxie.com/index.php?FrequentlyAskedQuestions#RebootNeeded

 


Windows Update on Windows XP

When you wish to visit the Windows Update web site, you should run Internet Explorer outside the sandbox. If Internet Explorer is forced to always run under Sandboxie (as discussed above), then use the Disable Forced Programs command to disable forced sandboxing before and after visiting the Windows Update web site.

Note the Automatic Updates facility in Windows does not rely on Internet Explorer and should not be affected by any Sandboxie settings related to Internet Explorer. Similarly, the Windows Updates window in Windows Vista also does not rely on Internet Explorer and is also not affected by Sandboxie.

http://www.sandboxie.com/index.php?InternetExplorerTips

 

 

---------------------------------------------------------------------------------------------------

 

How about installing new programs in general?   Have you "permanently" installed programs while sandboxed?   I guess that would mean installing the program inside the sandbox, and then, upon exiting the sandbox, telling sandboxie to implement (move) the changes to your "actual"/"permanent" system???  Or do you merely test new programs while sandboxed, and then exit the sandbox to install them (again) "regularly"?

 

The 2 links below go into it a little more, but basically, you can't recover programs installed in a sandbox to the real system. You just delete the sandbox and, as you mentioned above, re-install again regularly. 

You can however, install programs into their own separate sandboxes and "Use software in the sandbox for as long as you wish (even forever)".

http://www.sandboxie.com/phpbb/viewtopic.php?t=1104&sid=5dea0e1c88d677829ca4d074e539b0de

http://www.sandboxie.com/phpbb/viewtopic.php?p=37313&sid=879239bee5e6f645f18edf2c75669cc1#37313

 

And what about new programs that install drivers [or other files that need to be accessed during boot-up]?


Sandboxie also prevents programs executing inside the sandbox from loading drivers directly. It also prevents programs from asking a central system component, known as the Service Control Manager, to load drivers on their behalf. In this way, drivers, and more importantly, rootkits, cannot be installed by a sandboxed program.

http://www.sandboxie.com/index.php?FrequentlyAskedQuestions#HowItWorks

 

If I missed anything, or you [or anyone else] have any more questions, please feel free to ask.
